Jeff Saxton
2004-Aug-18 16:22 UTC
[Samba] perl code for manipulating Samba LDAP attributes?
Since I manage the rest (unix side) of my ldap directory using Net::LDAP I was wondering if there are any perl modules/code out there to manipulate/calculate.... the Samba password attributes and the SID stuff? If no one comes forth I guess I will look at the code for smbpasswd and do it myself, but I would hate to re-invent the wheel. Jeff Saxton Sr. Support Engineer Addamark Technologies, Inc. http://www.addamark.com <http://www.addamark.com/> mailto:support@addamark.com CELL: +1 415-640-6392
Paul Gienger
2004-Aug-18 16:27 UTC
[Samba] perl code for manipulating Samba LDAP attributes?
Perhaps start here: http://search.cpan.org/~bjkuit/Crypt-SmbHash-0.02/SmbHash.pm I believe this is the module that the smbldap-tools package uses, as opposed to the old c program that had to be compiled on each system under 0.8.4 and previous. Jeff Saxton wrote:>Since I manage the rest (unix side) of my ldap directory using Net::LDAP >I was wondering if there are any perl modules/code out there >to manipulate/calculate.... the Samba password attributes and the SID >stuff? > >If no one comes forth I guess I will look at the code for smbpasswd and >do it myself, but I would hate to re-invent the wheel. > >Jeff Saxton >Sr. Support Engineer >Addamark Technologies, Inc. >http://www.addamark.com <http://www.addamark.com/> >mailto:support@addamark.com >CELL: +1 415-640-6392 > > >-- Paul Gienger Office: 701-281-1884 Applied Engineering Inc. Information Systems Consultant Fax: 701-281-1322 URL: www.ae-solutions.com mailto: pgienger@ae-solutions.com
Jeff Saxton
2004-Aug-18 17:02 UTC
[Samba] perl code for manipulating Samba LDAP attributes?
Yeah I haven't found where to read up on the IDMAP stuff, I don't want to use winbind either. I'm in the same position of trying to initially populate the DIT, someone else pointed me at Crypt::SmbHash which looks simple enough to use for the passwords I noticed that once I got smbpasswd working it installed a sambaDomainName object, is that the base of the The sambaPrimarygroupSID sambaSID stuff? I really don't know how that stuff works yet being formerly a Strictly unix guy. One other thing: I guess ( if it's possible ) I'd like to learn enough to setup Samba3 as a PDC with an LDAP Backend, is the Sambe by Example book a good place to start? The O'Rielly Using Samba book didn't really have S**T to say about LDAP. Thanks for your help Jeff Saxton Sr. Support Engineer Addamark Technologies, Inc. http://www.addamark.com mailto:support@addamark.com CELL: +1 415-640-6392 -----Original Message----- From: William Jojo [mailto:jojowil@hvcc.edu] Sent: Wednesday, August 18, 2004 9:37 AM To: Jeff Saxton Subject: Re: [Samba] perl code for manipulating Samba LDAP attributes? On Wed, 18 Aug 2004, Jeff Saxton wrote:> Since I manage the rest (unix side) of my ldap directory using > Net::LDAP I was wondering if there are any perl modules/code out there> to manipulate/calculate.... the Samba password attributes and the SID > stuff? >I'm using some ksh scripts, but the calculations I used were the algorithmic ones. uid*2+1000 and gid*2+1001. these are the old classic methods used when using smbpasswd as the pw db. anyway, I just calculate the rid and append it to the end of the server sid and create the posix/samba account and then the IDMAP entries. I'm not using winbind for anything here, so i can get away with populating the whole thing as i create users. I guess I truly reinvented the wheel, but I needed clear recovery and I didn't see it if I used the winbindd tdb files. This way all I need is the users unix uid/gid pair and I can recalculate the rid's so the permissions inside the ntuser.dat files would be recreated correctly. do a google search on "mkntpwd" to get the source code for nt/lm hash creations. I got mine from the Samba-3 by example cd, but it's out there. If there's anything else you need, let me know.... Bill> If no one comes forth I guess I will look at the code for smbpasswd > and do it myself, but I would hate to re-invent the wheel. > > Jeff Saxton > Sr. Support Engineer > Addamark Technologies, Inc. > http://www.addamark.com <http://www.addamark.com/> > mailto:support@addamark.com > CELL: +1 415-640-6392 > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba >